> The use of multiple DataReference elements allows the following flawed
> relationship; Alice must encrypt EncryptedData-A and EncryptedData-B with
> the same symmetric key, which is encrypted with Bob's public key in
> EncryptedKey-Bob. If Eve is a second recipient of EncryptedData-A, she
> gains indirect access to EncryptedData-B, which Alice did not intend. (Same
> applies to KeyReferences.)
This attack may be an implementation issue? No matter what kind
of standard you design, if the sender is dumb enough, he may
make the protocol completely insecure....
Regards,
Yongge
-----------------------------------
Yongge Wang -- Crypto Mathematician
http://cs.uwm.edu/~wang/
-----------------------------------